Good news, some days ago in the smitfraudfix have been added Titan Shield signatures. [HKEY_CURRENT_USER\Software\ADV] (Soon removed with SpywareSheriff) %USERPROFILE%\Application Data\Microsoft\Internet Explorer\Quick Launch\TitanShield Antispyware.lnk %USERPROFILE%\Local Settings\Application Data\TitanShield\*.* %STARTMENU%\Programs\TitanShield Antispyware\*.* %STARTMENU%\Programmes\StartUp\titanshield.lnk %DESKTOP%\TitanShield Antispyware.lnk %PROGRAMFILES%\TitanShield Antispyware\*.* If you have problems with TitanShield, download and try smitfraudfix.
Viruslist blog reported about interesting Javascript. This script runs maximized in the browser and presents the user with a window which looks like this: As you can see, there is an Address field in the window which says “https://www.paypal.com/us”, but it is not the real browser address editbox! It’s a special field inside the Java
Symptoms: fake security warnings popup in the bottom right of screen. Examples: “Your computer is working slowly!” “Alert! You are receiving spam!” “Warning! Your security and privacy are at risk!” “You computer is not protected against spyware!” “Danger! Spyware activity detected on your computer!” “Alert! A minimum of 7 spyware items found!” Explorer opens to
Found new rogue antispyware – Titan Shield. Available at antispywarebox(dot)com (a new rogue site) and titanshield(dot)com If you can`t uninstall or remove, ask about help: Spyware Removal Forum
ISC reader Robert detected one of his systems trying to connect to port 25 on various servers around the world. As this immediately screams: spam bot, Robert decided to analyze the box further. He captured some packets and found an interesting binary that he submitted to ISC for analysis. After analyzing this binary, they discovered
Found new fake codec – nvidcodec. The codec is malicious programecs that deliver popup advertisements and hijack search engine results. Some AV vendors detected the codec as Trojan.Downloader.Zlob
Sunbeltblog reported about new adware – pornmagpass. There’s a new adware detected some AV engines as trojan: AVG – Downloader.Zlob.AOI ClamAV – Trojan.Downloader.Zlob-471 EtrustVet – Win32/Beovens.FT Fortinet – suspicious Ikarus – Trojan-Downloader.Win32.Zlob.ni The EULA says: SOFTWARE INSTALLATION: Components bundled with our software may report to Licensor and/or its affiliates the installation status of certain marketing
Are you interested to downloadable movie clips? Many peoples are give answer “YES ” 🙂 But download free movies you can got for free adware and spyware also! SpywareGuide have made small recearch: I tried googling for some popular video albums, I came across a forum that holds many articles and download links based on
Hidden IFrame elements continue to be a popular way for targeting website visitors. After breaking into a server, the attacker modifies its HTML code, using a hidden IFrame tag to retrieve exploit code from another system. Maintainers of the compromised website typically don’t know that they are infecting their visitors for quite some time. ISC
